Kcriifl (computer science) - Wikipedia, the free encyclopedia 



Page I of 14 



Kernel (computer science) 

hrom WikipeJia. ihe free encyclopedia 
(Kfdirccted from Operating system kernel) 

In conipuiiiit:, ihc kernel is the central componenl oCniosl conipuier operating 
s\<U';iT. (OSs) lis ix-sponsibilities include managing the sysicni's resources :ind (he 
toniiniinicaiion between hardware and software components. As a basie 
component of an operating system, a keniel provides ihc lowest level of 
abstiaeiion layer for the resources (especially memory, processors and I/O 
devices) Ihut applications must control to perform their funelion. It typically makes 
these facilities available to application processes through inler-proce.ss 
communication rneclianisms and system calls. 

flicse tasks are ilone diffeiently by different kernels, depending on their design 
and implernentaiion. While monolithic kernels will try to achieve these goals hy 
executing all the code m the same address space to increase the performance of the 
system, niicrokemels run most of their service*: in user space, aiming to improve 

mamlamability and modularity of the codebase.''' A range of possibilities exists 
between iliese two extremes. 

Contents 

■ I Overview 

■ 2 Kernel basic responsibilities 

■ 2. 1 I'rocess nianagerncnl 

■ 2,2 Memory management 

■ 2..? 1 icvice nianagerncnl 

■ 2,4 System calls 

■ Kernel design decisions 

■ .V I f ault tolerance 

■ J.2 .Security 

■ }.} Hardware-based proteclion or language-based protection 

■ 3.4 Process cooperation 

■ ,? 5 1,'0 devices managemenl 

■ 4 Kernel-wide design approaches 

■ 4. 1 Monolithic kernels 

■ 4.2 Microkernels 

■ 4,3 Monolithic kernels vs microkernels 

■ 4.4 I lybrid kernels 

■ 4.5 Nanokemels 

■ 4,6 Exokernels 

■ 4.7 Other dcsigas 

■ .S 1 lisiory of kernel development 

■ .S, 1 lin ly operating system kernels 

■ 5,2 fime-sharing operating systems 

■ 53 t.'ni.x 

■ 5.4 Mae OS 

■ 5.5 Windows 

■ 5.6 l)e\'elopmcnt of microkernels 
• 6 Sec also 

■ 7 f-ootnotes 



hltp;//cti.v\ikipcdia.org/vviki 'Operating system kernel 1 M 1 2ii()() 





A kemel connec ts the 
software an J hardw are of a 
computer 



Page 15 of 20 
Harrington et al. - 1 0/63 1 ,062 



Kernel (computer science) - Wikipedia, the free encyclopedia 



■ S Bibliography 

■ 'J F.xtcmal links 

Overview 

Mosi opeialmg systems rely on the kernel coneepl. The existence o\';i 
kcriu'l IS a luiiinal eonseiiiicnce ordesigning a computer system as a series 

ol al>s!raction layers'' I, each relying on the functions of layers beneath 
iiseli'. fhe kernel. tVom this viewpoint, is simply the name given to the 
lo\\est level oi abstraction that is implemented in software. In order to 
avoid having a kernel, one would liavc to design all the sot'Iunre on the 
system to not use abstraction layers; this would increase the complexity of 
the design lo such a point that only the simplest systems eould feasibly be 
implemented. 

While It IS today mostly called the kernel, the same part of the operating 

system has also In the past been known as the nucleus, core l 'il'*ll^ll<'J or 
\iipervisni-. (Note, however, the term core has also been used to refer to 
ihe primary memor\' of a computer system, typically because the original 
memory ot eompiiiers were a type of magnetic "donut" (a "core") 
eonnceled ai the uitercetion of two wires.) 

In most eases, the boot loader starts executing the kernel in supervisor 

moiie,'^! fhe kernel then initializes itself and starts (he first process. After 
this, ihe kernel does not typically execute directly, only in response to 
external events (e.g. via system calls used by applications to request 
services from the kernel, or via interrupts used by the hardware to notify 

the kernel of events). .\dditionalIy, the kernel typically pro\ ides a loop 
thai IS executed whenever no proccs.scs arc available to run; this is ollen called the idlf process 

Kernel ilevelopmeni is considered one of ihe most complex and diffleiilt tasks in progrannning.l'^' Its central 
pDsition in an operatiiig system implies the necessity for good performance, which detines (he kernel as a criiical 
]nece of software and makes its correct design and implementation difficult, for various reasons, a kemcl mtght 
not e\ en be able to use the abstraction mcchanism.s it pro\'ides to other .software. Such reasons inchnle memory 
maniigemcni concerns (lor example, a user-mode function might rely on niemoiy being subject lo demand |)agmg, 
hut ;ls the kernel ilscif provides that facility it cannot use n. because then it might not remain in meinoiy to 
provide that facility) and lack of reentrancy, thus making its development even more dittknilt for software 
engineers. 

.•\ kernel will usually provide features lor low-level scheduling!'''! of processes (dispatching ). Inlcr-pi ocess 
eoinmunieation, process synchronization, context switch, manipulation of process control blocks, mteirupt 
handling, process creation and destruction, process .suspension and resumption (see process states)'-'!'''! 

Kernel basic responsibilities 

l he kernel's [iniiiai y [lurpose is to manage the computer's resources and allu«' other progrtnns id run and u-,c these 
resources. I ypieally, the resources consist of: 

■ The CPU (frequently called the processor). This is the most central part ol a computer ■-yslem. responsible 
tor niiiitin^ or exeeiiiiii;^ programs ini n. fhe kernel takes responsibility lor deciding at any time winch ot 

http:'.'cn.w'ikipeclia.org,'wiki/Operating systctn kernel 1 1 /1 1/2000 



Page 2 of 14 



OS and applic;Hic>iis 
kernel 
assembler 
linnutiiv 

liarduiirc 



■\ (;yPK al \ isioii et .1 .(irnpLiu-i 
archileciiire as a seric"- ol absiruv 11011 

layers liard«are. linruvarc. 
as.seiiihlei. keriU'l. opeiahiif svsi^rn 
and applu'ulioii.s (see ,iU(i 
TanenbiiUTii 7')). 



Page 16 of 20 
Harrington et al. - 1 0/63 1 ,062 



Kernel (compiiler science) - Wikipedia, the free encyclopedia ^ ^ Page 3 of 1 4 

the many running programs should be allocsiled to the proccbsor or processors; (each of which can usually 
run only one program at once) 

■ rhc computer's memory. Memory is used It) store both program instructiun.s and daia. l ypKCilK'. Ixilli need 
lo he prt'sciM m niemory m order lor a program to cxeeuic. Oflcii mulliple proginnis will wani iieccss lo 
nicnidiy, Irciiucntly demanding more memory tlian the computer has available. The kcmel is respimsible 
for deciding which memoiy each process can use, and determining what to do when not enough is 
■nailaiile. 

■ Any Input/Output (I/O) devices present in the computer, such as disk drives, printers. dispki>s, elc, I he 
kernel allocates requests froin applications lo perform I t) lo an appropi iaie device (or subsection oi a 
device, in the case of files on a disk or windows on a di.splay) and provides convenient nielhrHis for usiiij' 
the dc\ ice (t\ pically abstraeled to the point where the application does not need to know implemcniation 

dclaiLs of the device) 

Kernels also usually provide inelhods for .syiichroni/.ation and communication between processes (called (/i/c/- 
prarcss iDinniwiU alion or IPC). 

.•\ kernel may implement these features ilscll'. or rely iin sonic of the proccs.ses it runs lo pro\'idc the lacililies i.. 
other processes, although in this case it must provide some means of ll't' to allow processes to access the lacilitics 
prov ided by each other 

l-inally, a kernel must provide running programs with a method to make requests to access these faeiliiies. 
Process management 

'I hc main task of a kernel is to allow the execution of applications and support them with features such as 
hardware abstract ions. 'I'o run an application, a kernel typically sets up an address space for the applicain m. loads 
the tile containing the application's code into memory (perhaps via demand paging), sets up a stack for the 
pnigrani and branches to a given location inside the program, thus starting its execution. 1^'"' 

Multi-iasking kernels are able to give the user the illusion thai the number of processes being run simultaneously 
iMi the conipiiier i.s higher than the maxinnim miniber of processes tlie computer is physically able to run 
siniullaneously. Typically, the iiuinber of processes a system may run simullaneousty is equal to ihe nimiher of 
( PI 's installed (how ever this may not be the case if Ihc processors support simultaneous nuiltlthreiulin!.;). 

Ill a pie-enipti\ e iiuiitilaskmg system, the kernel will give every program a slice of tunc and ,^w ltch from process 
lo process so quickly that it will appear to the user as if these jirocesscs v\ere being executed siniiiltancously. I he 
kernel uses scheduling algorithms to determine which process is running ne.xl and how much lime ii will be given 
The algorithm chosen may allow for some processes to have higher priority than others. The kernel geneially al-.o 
provides these processes a way to communicate; this is known as inter-process communication (IPC) and the 
main approaches are .shared memory, mes.sage passing and remote procedure calls (.see concurrent computing i 

t)ther systems (particularly on smaller, less powerful computers) may provide co-operative multitasking, where 
each process is allowed to run uninterrupted until it makes a special request that tells the kernel it may sw iieli to 
another process. Such requests are known as "yielding", and typically occur in lesponse to requests foi 
inteiproeess communication, or for waiting for an event to occur. Older versions of Windows and Mae OS both 
used co-operative multitasking but switched to prc^-cmptive schemes as the power of Ihe computers they were 
targeted to grew 

1 he operating system might also support multiprocessing (SMP or Non-dniform Memory Access): in that case, 
different programs and threads may run on different processors. A kernel Ibr such a system must be designed to 
be i c-ciurant, meaning that it may salcly run two different parts of its code simultaneously. This typically means 
providuii; synchronization mechanisms (such as spinlocks) to ensure that no two processors attempt lo modify the 



hHp:/Vcn.\vikipedia.org/wiki/Opcrating_sysiem_kemel 11/11 'HMu 



Page 17 of 20 
Harrington et al. - 10/63 1 ,062 



Kernel (computer science) - Wikipedia, the free encyclopedia Paue 4 of 1 4 



same daia at the same time. 




Memory management 

The kernel h;is full access to the system\ memory ami must allow processes to access this memory safely a<, ihc> 
require it. Often the first sicp in domg this is Mituai aUdressing, usually achieved by pa^iing aiul oi seuineiilalinii 
Vinual addressing allows the kernel to make a given physical address appear to be another address, the v irtual 
address. Virtual address spaces may be different for differenl proeesses; (he memory that one process aecesscN al 
a panicuUir (virtual) address may be different memory from what another process accesses at the same address 
fhis jIIows every progiam to behave as if it is the only one (apart from the kernel) running and thus prc\cnis 
applications troni crashing each other,'"'' 

Oil many systems, a program's virtual address may refer to data which is not currently in memory. The layer ol 
indirection provided by virtual addressing allows the operating system lo use other data stores, like a hard dn\e, 
to store what would otherwise have to remain in main memory (RAM), As a result, operating systems can allow 
procrani,^ to use more memory than ihe system has physically available. When a program needs data which is not 
ciiiienlly in RAM, the C'l'lJ signals to the kernel that this has happened, and the keniel responds hy writing the 
contents of an inactive memory block to disk (if necessary) and replacing it with the data requested by the 
program. I he |irogram can then be resumed from the point where it was slopped. This scheme is generally knou n 
as demand paging. 

Virtual addressing also allows creation of virtual partitions of memory in two disjointed areas, one being reserv ed 

lor ihe kernel (kernel space) and the other for the applications (user space) The appliealions are noi periiiitled In' 
the proeessur to address kernel memory, thus preventing an appliealion from damaging ihe uiiiiiing kernel, I his 
luiulameiilal paiiuion of memory space has contributed much to current designs of actual general-purpose kernels 
and IS almost universal in such systems, although some research kernels (eg. Singularity) lake other approaches. 

Device management 

1 o perform useful functions, processes need access lo ihe peripherals connected lo the computer, w hich are 
controlled by the kernel through device drivers. F-or example, to show the ti.scr something on the screen, an 
appticalion would make a request to the kcnicI, which would forward the requcsl to iis display driver, which is 
Ihcn responsible for actually plotting the character/pixel. ['"•' 

.\ kernel must maintain a li.sl of available devices. This list may be knov\'n in advance (eg, on an embedded 
system where the kernel will be rewritten if the available hardware changes), configured by the user (typical on 
older PCs and on systems thai are not designed for personal use) or detected by the operating system at run tunc 
(normally called Plug and Play). 

In a plug and play system, a device manager first perforins a scan on different hardware buses, such as I'eiipheral 
Coinpoiienl Inleieonnecl (P( 1) or l,iiiiversal Serial Bus (liSB). lo deteel mstalletl devices, then searches for the 
appropriate diners, 

,\s device tnanagemcnl is a very (')S-speci tie lopic, these drivers are handled ditTciently by each kind ol kerne! 
ucsien, but in every ease, the kernel has to provide the I'D to allow drivers lo physically access iheir de\ ices 
ihrough some port or memory location. Very irnporlani decisions have lo be made when designing the de\ lee 
manageiiient system, as m some designs accesses may involve context switches, making the operation very ( I'l - 
intensive and easily causing a significant performance overhead. 

System calls 



htlp:/'cn. wikipedia. org/\viki,''Opcrating system kernel 1 M 1 /200() 



Page 18 of 20 
Harrington et al. - 1 0/63 1 ,062 



Kernel (computer science) - Wikipedia, the free encyclopedia 



Pauc 5 of 14 




1 o aciiially perform useful work, a process must be able to access the services provided by the kernel. Phis is 
implemented dilTcrciidy by each kernel, but most provide a C library or an API, which in turn invoke the related 
kerne! functions. 

The method of nivokmg the kernel funeti'on varies from kernel to kernel. If memory isolation is in use, it is 
impossible for a user process to call the kernel directly, because thai would be a \ioliition ofihe processor's access 
cunlry] rules. A lew possibilities are: 

■ t siny a software-simulated interrupt. This method is available on most hardware, and is iht rcfore \cr\- 
common. 

■ L'sing a call gate. A call gate is a special address which the kernel has added to a list stored in kernel 
memory and which the processor knows the location of. When ttie processor detects a call to that location. 
It instead redirects to the target location without causing an access violation. Requires hardware support, 
but the hardware for it is quite common. 

■ 1,'sing a special system call instruction. This technique requires special hardware support, which common 
architectures (especially x86) may lack. System call instructions have been added to recent models of xSd 
processors, however, and some (but not all.) operating systems for PCs make use of them when a\ aiiablc. 

• l .'smg a iiiciuory-bascd queue. An application that makes large numbers of requests but does not need to 
w ait for the result of each may add details of requests to an area of memory that the kernel periodically 
scans to find requests. 

Kernel design decisions 
Fault tolerance 

.'\n important consideration in the design of a kernel is fault tolerance; specitlcally, in eases where multiple 
piograms are running on a single computer, it is usually important to prevent a fault in one of the prourams iVoni 
negiiiivcty alTecting the other. Extended to malicious design rathcT than a fauh, this also applies to .sccuriiy. and is 
necessary to pie\'eni processes from aeeesssing information without being granted permissnon. 

'1 wo main approaches to the protection of sensitive information are assigning privileges to hierarchical protcctuui 
domains, for example by using a processor's supervisor mode, or distributing privileges differently tor each 
process and resource, for example by using capabilities or access control lists. 

(lieiarchical protection domains arc much less flexible, as it is not possible to assign different priv ileges to 
processes that are at the same privileged level, and can't therefore satisfy Denning's four principles Ibi limit 
tolerance (particularly the Principle of least privilege). Hierarchical protection domains also have a nwior 
jK'i loi mancc dr,i\vbatk, since interaction between different levels ol" protcciion. when a process has lo maiiipulalc 
a data structure hoih in 'user mode' and 'supervisor mode', always rcijuircs message copying (iransniission by 
value)!' 'I. A kernel based on capabilities, however, is more Hexiblc in assigning privileges, can sansiy Denning's 
t'auli li)lcrancc principles'''!, and typically doesn't suffer from the performance issues of copy by value. 

Both approaches typically require some hardware or firmware support to be operable and efncienl. The hardware 

sLipporl tor iiicrarcliical protection domains! '■*' is typically that of "CPU modes". An efficient and simple way to 
prov ide harilw are support of capabilities is to delegate the MMU the responsibility of checking acccss-nghts tor 

every memory access, a mechanism called capability-based addressing''''. Most commercial computer 
architectures lack .VIMU support for capabilities. .An alternative approach is to simulate capabilities using 
commonly-support hierarchical domains; in this approach, each protected object must reside in an address space 
thai the application does not have access to; the kernel also maintains a list of capabilities in such memory When 
an application needs to access an object protected by a capability, it perfomis a system call and the kernel 



htip:,'/'en.wikipeclia.org;'wiki,'Operaling systemkemel 1 1 -1 1 .'ZOOd 



Page 19 of 20 
Harrington et al. - 1 0/63 1 ,062 



Spinlock - Wikipcdia, the free encyclopedia Page 1 of 3 

Spinlock ^ i^cicje. I o-f / 

From Wikipedia, the free encyclopedia 

In software engineering, a spinlock ft a lock where the thread simply waits in a loop ("spins") repeatedly 
checking until the lock becomes available. As the thread remains active but isn't performing a useful task, the use 
of such a lock is a kind of busy waiting. Once acquired, spinlocks will usually be held until they are explicitly 
released, although in some implementations they may be autotnaticaUy released if the thread blocks (aka "goes to 
sleep"). 

, I Spinlocks are efficient if threads are only likely to be blocked for a short period of time, as they avoid overhead 
from operating system process re-scheduling or context switching. For this reason, spinlocks are often used inside 
operating system kemels. However, spinlocks become wasteful if held for longer, both preventing other threads 
from running and requiring re-scheduling. Spinlocks are always inefficient on single-processor systems - no other 
thread is able to make progress while the waiting thread spins. 



Implementing spinlocks is difficult, because one must take account of the possibility of simultaneous access to the 
lock to prevent race conditions. Generally this is only possible with special assembly language instructions, such 

as atomic lest-and-set operations, and cannot be implemented from high level languages like C.''^ On 
architectures without such operations, or if high-level language implementation is required, a non-atomic locking 
algorithm may be used, e.g. Peterson's algorithm, But note that such an implementation may require more 
memory than a spinlock, be slower to allow progress after unlocking, and may not be implementable in a high- 
level language if out-of-order execution is in use. 



Contents 

■ I Example implementation 

■ 2 Significant optimisations 

■ 3 Alternatives 

■ 4 References i 

■ S See also | 

■ 6 External links J 

Example implementation 

The following example uses x86 assembly language to intplement a spinlock. It will work on any Intel 803S6 
compatible processor. 



lock: # TtM lock variable, l - locked, 0 • unlocked. 

<Jd 0 

spin_lock : 

riiov eax, 1 # Set the EAX register to 1. 

loop 1 

xchs eax, [lock] # Acomically swap the SAX register with 

# the lock variable. 

# Thia will alwaya store 1 to the lock, leaving 

# previous value In the EAX register. 

i 

: teat eax, eax tt Test EAX with itself. Among other things, this will 

i K set the processor's Zero Flag if BAX is 0. 

I » le EAX is 0, then the lock was unlocked and 

I we just locked it. 



http://en, wikipedia.org/wiki/Spinlock 1 1/1 2/2006 



Page 20 of 20 
Harrington et al. - 10/63 1 ,062 



